I should have clarified that I’m talking about my login and iCloud passwords here. For websites, I always use hide-my-email (hey, I wrote the client-side code for it) and a safari-suggested unique password for exactly the reason you mention.
I do share those two (different) passwords around the machines I own, (ie: all login passwords are the same, and the iCloud password is shared of course) but I don’t see that as extending my risk at all. All of those machines are under my control for the login, and I know how well Apple secure the iCloud one.
I do share those two (different) passwords around the machines I own, (ie: all login passwords are the same, and the iCloud password is shared of course) but I don’t see that as extending my risk at all. All of those machines are under my control for the login, and I know how well Apple secure the iCloud one.